CVE-2025-43865

React Router is a router for React. In versions on the 7.0 branch prior to version 7.5.2, it's possible to modify pre-rendered data by adding a header to the request. This allows to completely spoof its contents and modify all the values of the data object passed to the HTML. This issue has been patched in version 7.5.2.

CVSS v3 8.2 HIGH

8.2^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/remix-run/react-router/blob/e6c53a0130559b4a9bd47f9cf76ea5b08a69868a/packages/react-router/lib/server-runtime/routes.ts#L87
https://github.com/remix-run/react-router/commit/c84302972a152d851cf5dd859ff332b354b70111
https://github.com/remix-run/react-router/security/advisories/GHSA-cpj6-fhp6-mr6j

Configurations

No configuration.

History

29 Apr 2025, 13:52

Type	Values Removed	Values Added
Summary		(es) React Router es un enrutador para React. En versiones de la rama 7.0 anteriores a la 7.5.2, es posible modificar datos pre-renderizados añadiendo un encabezado a la solicitud. Esto permite falsificar completamente su contenido y modificar todos los valores del objeto de datos pasado al HTML. Este problema se ha corregido en la versión 7.5.2.

25 Apr 2025, 01:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-25 01:15

Updated : 2025-04-29 13:52

NVD link : CVE-2025-43865

Mitre link : CVE-2025-43865

CVE.ORG link : CVE-2025-43865

JSON object : View

Products Affected

No product.

CWE

CWE-345

Insufficient Verification of Data Authenticity

{"id": "CVE-2025-43865", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.2, "exploitabilityScore": 3.9}]}, "published": "2025-04-25T01:15:43.270", "references": [{"url": "https://github.com/remix-run/react-router/blob/e6c53a0130559b4a9bd47f9cf76ea5b08a69868a/packages/react-router/lib/server-runtime/routes.ts#L87", "source": "security-advisories@github.com"}, {"url": "https://github.com/remix-run/react-router/commit/c84302972a152d851cf5dd859ff332b354b70111", "source": "security-advisories@github.com"}, {"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-cpj6-fhp6-mr6j", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-345"}]}], "descriptions": [{"lang": "en", "value": "React Router is a router for React. In versions on the 7.0 branch prior to version 7.5.2, it's possible to modify pre-rendered data by adding a header to the request. This allows to completely spoof its contents and modify all the values \u200b\u200bof the data object passed to the HTML. This issue has been patched in version 7.5.2."}, {"lang": "es", "value": "React Router es un enrutador para React. En versiones de la rama 7.0 anteriores a la 7.5.2, es posible modificar datos pre-renderizados a\u00f1adiendo un encabezado a la solicitud. Esto permite falsificar completamente su contenido y modificar todos los valores del objeto de datos pasado al HTML. Este problema se ha corregido en la versi\u00f3n 7.5.2."}], "lastModified": "2025-04-29T13:52:28.490", "sourceIdentifier": "security-advisories@github.com"}

8.2 /10